Since the beginning of this year, geopolitical pressures have combined with trade negotiations and deregulation efforts, increasing business volatility. And as we enter the fourth quarter of this year, that volatility shows little sign of improving.
Business risk is skyrocketing, according to research by legal and compliance leaders corporate director This is part of the Q3 Business Risk Index, a survey of general counsel, compliance leaders, and audit members conducted in partnership with Diligent Institute.
Legal and compliance leaders rate the level of risk in the current business environment as 7.9 out of 10. A score of 1 is negligible and a score of 10 is critical. This number has increased significantly since the first quarter, when business risk was just 5.8 out of 10, and has increased by 36% since then.
Those surveyed said they feel the risks are heightened due to the Trump administration's continued confusion over tariff decisions, ongoing geopolitical conflicts and persistent inflation.
“The concentration of these factors keeps risk levels high and requires companies to invest more in proactive compliance, risk management, scenario planning and governance frameworks,” said Taras Litovchenko, Chief Legal and Compliance Officer at Trinitex.
Many other participants in the September survey echoed Litovchenko's sentiments, citing “the regime's tariff games” and “macroeconomic forces” as linked to this high-risk environment.
Interestingly, a majority cite the unpredictability of the regulatory environment as one of the biggest risks to their business today, a decrease of 10 percentage points from the previous quarter. Kristi Granthart, vice president and head of advisory services at Spark Compliance, a Diligent brand, says companies may feel better prepared to weather regulatory uncertainty thanks to proactive compliance measures and increased investment in monitoring and risk management.
“As organizations gain more confidence in their regulatory frameworks, more tangible business risks, such as rate fluctuations and global fluctuations, are being focused on. This may reflect a positive trend in compliance maturity, where legal and compliance teams are building robust processes that allow them to respond agilely to regulatory changes,” she says.
According to this research, legal and compliance teams are indeed working to protect against these impacts and strengthen their companies' ability to withstand continued uncertainty over the coming year. Most of the steps it is taking to do so cite the increased use of technology, including artificial intelligence, for surveillance and regulatory tracking purposes.
But overall, all aspects of compliance have been strengthened, including employee compliance/ethics training and policy/procedure reviews. The only aspect not expected to increase in priority in the short term is 'whistleblower or reporting channels', which was flat year-on-year.
“Organizations at the forefront of compliance leverage technology and procedural reviews not only to meet regulatory obligations, but also to strengthen their overall risk posture,” says Granthart. “When companies prioritize advanced compliance tools and continuous risk assessments, they can anticipate regulatory changes and minimize exposure to new risks.”
Overcoming global change
Respondents are divided on how to respond to geopolitical uncertainty. This divergence in opinion may be due to the degree of exposure to international trade disruptions and tariff stressors.
However, the data shows that some companies are more proactive than others in developing response plans earlier, with almost a third (27 per cent) saying they have expanded oversight of cross-border trade or consulted external advisors on global regulations.
Meanwhile, data shows that 43% have not changed their compliance priorities at all in response to increased geopolitical instability. This is unexpected and concerning, as respondents now list “geopolitical conflict” as the third most pressing risk to their business. True compliance resilience means proactively reevaluating policies and controls in light of new global developments, rather than waiting for risks to materialize. Proactive compliance planning allows organizations to quickly adapt to an environment where regulatory expectations are constantly evolving.
Impact of artificial intelligence
When it comes to managing AI-related risks, the survey found that most legal and compliance teams have begun developing some form of management policy or usage guidelines. 29 percent say their company has a comprehensive plan to manage the use of AI, and a further 38 percent say guidelines are being drafted as we speak.
This ongoing process in a rapidly evolving field may be the reason why companies are increasing their efforts to use AI, yet still say they are “less confident” in its effectiveness. Forty-four percent report that their company's policies need some improvement, and 33 percent say they are completely inadequate.
This highlights the burden of AI adoption. Many companies are feeling internal pressure to adopt these technologies for a variety of applications, but at the same time, complexity is increasing. Effective compliance in the age of AI is not just about following the rules, Granthart says, but about building transparency and trust in how these technologies are managed.
Lack of confidence in general counsel’s ability to manage AI risks may also explain why directors are reluctant to adopt such technology themselves. in corporate directorAccording to its Q3 Director Confidence Index, only 10 percent of directors surveyed say they regularly use AI for oversight purposes, and 32 percent do not use it at all.
“This disconnect between thorough AI planning by compliance professionals and limited AI adoption at the board level points to a broader challenge for boards to fully understand both the risks and benefits of AI from a compliance perspective,” Granthart said. “Bridging this gap requires ongoing board education and open dialogue so directors are empowered to manage emerging technologies in line with sound compliance principles.”
